diff options
Diffstat (limited to 'openssl/fips/fipsalgtest.pl')
| -rw-r--r-- | openssl/fips/fipsalgtest.pl | 848 |
1 files changed, 0 insertions, 848 deletions
diff --git a/openssl/fips/fipsalgtest.pl b/openssl/fips/fipsalgtest.pl deleted file mode 100644 index 44a5ccac7..000000000 --- a/openssl/fips/fipsalgtest.pl +++ /dev/null @@ -1,848 +0,0 @@ -#!/usr/bin/perl -w -# Perl utility to run or verify FIPS 140-2 CMVP algorithm tests based on the -# pathnames of input algorithm test files actually present (the unqualified -# file names are consistent but the pathnames are not). -# - -# FIPS test definitions -# List of all the unqualified file names we expect and command lines to run - -# DSA tests -my @fips_dsa_test_list = ( - - "DSA", - - [ "PQGGen", "fips_dssvs pqg" ], - [ "KeyPair", "fips_dssvs keypair" ], - [ "SigGen", "fips_dssvs siggen" ], - [ "SigVer", "fips_dssvs sigver" ] - -); - -# RSA tests - -my @fips_rsa_test_list = ( - - "RSA", - - [ "SigGen15", "fips_rsastest" ], - [ "SigVer15", "fips_rsavtest" ], - [ "SigVerRSA", "fips_rsavtest -x931" ], - [ "KeyGenRSA", "fips_rsagtest" ], - [ "SigGenRSA", "fips_rsastest -x931" ] - -); - -# Special cases for PSS. The filename itself is -# not sufficient to determine the test. Addditionally we -# need to examine the file contents to determine the salt length -# In these cases the test filename has (saltlen) appended. - -# RSA PSS salt length 0 tests - -my @fips_rsa_pss0_test_list = ( - - [ "SigGenPSS(0)", "fips_rsastest -saltlen 0" ], - [ "SigVerPSS(0)", "fips_rsavtest -saltlen 0" ] - -); - -# RSA PSS salt length 62 tests - -my @fips_rsa_pss62_test_list = ( - [ "SigGenPSS(62)", "fips_rsastest -saltlen 62" ], - [ "SigVerPSS(62)", "fips_rsavtest -saltlen 62" ] - -); - -# SHA tests - -my @fips_sha_test_list = ( - - "SHA", - - [ "SHA1LongMsg", "fips_shatest" ], - [ "SHA1Monte", "fips_shatest" ], - [ "SHA1ShortMsg", "fips_shatest" ], - [ "SHA224LongMsg", "fips_shatest" ], - [ "SHA224Monte", "fips_shatest" ], - [ "SHA224ShortMsg", "fips_shatest" ], - [ "SHA256LongMsg", "fips_shatest" ], - [ "SHA256Monte", "fips_shatest" ], - [ "SHA256ShortMsg", "fips_shatest" ], - [ "SHA384LongMsg", "fips_shatest" ], - [ "SHA384Monte", "fips_shatest" ], - [ "SHA384ShortMsg", "fips_shatest" ], - [ "SHA512LongMsg", "fips_shatest" ], - [ "SHA512Monte", "fips_shatest" ], - [ "SHA512ShortMsg", "fips_shatest" ] - -); - -# HMAC - -my @fips_hmac_test_list = ( - - "HMAC", - - [ "HMAC", "fips_hmactest" ] - -); - -# RAND tests, AES version - -my @fips_rand_aes_test_list = ( - - "RAND (AES)", - - [ "ANSI931_AES128MCT", "fips_rngvs mct" ], - [ "ANSI931_AES192MCT", "fips_rngvs mct" ], - [ "ANSI931_AES256MCT", "fips_rngvs mct" ], - [ "ANSI931_AES128VST", "fips_rngvs vst" ], - [ "ANSI931_AES192VST", "fips_rngvs vst" ], - [ "ANSI931_AES256VST", "fips_rngvs vst" ] - -); - -# RAND tests, DES2 version - -my @fips_rand_des2_test_list = ( - - "RAND (DES2)", - - [ "ANSI931_TDES2MCT", "fips_rngvs mct" ], - [ "ANSI931_TDES2VST", "fips_rngvs vst" ] - -); - -# AES tests - -my @fips_aes_test_list = ( - - "AES", - - [ "CBCGFSbox128", "fips_aesavs -f" ], - [ "CBCGFSbox192", "fips_aesavs -f" ], - [ "CBCGFSbox256", "fips_aesavs -f" ], - [ "CBCKeySbox128", "fips_aesavs -f" ], - [ "CBCKeySbox192", "fips_aesavs -f" ], - [ "CBCKeySbox256", "fips_aesavs -f" ], - [ "CBCMCT128", "fips_aesavs -f" ], - [ "CBCMCT192", "fips_aesavs -f" ], - [ "CBCMCT256", "fips_aesavs -f" ], - [ "CBCMMT128", "fips_aesavs -f" ], - [ "CBCMMT192", "fips_aesavs -f" ], - [ "CBCMMT256", "fips_aesavs -f" ], - [ "CBCVarKey128", "fips_aesavs -f" ], - [ "CBCVarKey192", "fips_aesavs -f" ], - [ "CBCVarKey256", "fips_aesavs -f" ], - [ "CBCVarTxt128", "fips_aesavs -f" ], - [ "CBCVarTxt192", "fips_aesavs -f" ], - [ "CBCVarTxt256", "fips_aesavs -f" ], - [ "CFB128GFSbox128", "fips_aesavs -f" ], - [ "CFB128GFSbox192", "fips_aesavs -f" ], - [ "CFB128GFSbox256", "fips_aesavs -f" ], - [ "CFB128KeySbox128", "fips_aesavs -f" ], - [ "CFB128KeySbox192", "fips_aesavs -f" ], - [ "CFB128KeySbox256", "fips_aesavs -f" ], - [ "CFB128MCT128", "fips_aesavs -f" ], - [ "CFB128MCT192", "fips_aesavs -f" ], - [ "CFB128MCT256", "fips_aesavs -f" ], - [ "CFB128MMT128", "fips_aesavs -f" ], - [ "CFB128MMT192", "fips_aesavs -f" ], - [ "CFB128MMT256", "fips_aesavs -f" ], - [ "CFB128VarKey128", "fips_aesavs -f" ], - [ "CFB128VarKey192", "fips_aesavs -f" ], - [ "CFB128VarKey256", "fips_aesavs -f" ], - [ "CFB128VarTxt128", "fips_aesavs -f" ], - [ "CFB128VarTxt192", "fips_aesavs -f" ], - [ "CFB128VarTxt256", "fips_aesavs -f" ], - [ "CFB8GFSbox128", "fips_aesavs -f" ], - [ "CFB8GFSbox192", "fips_aesavs -f" ], - [ "CFB8GFSbox256", "fips_aesavs -f" ], - [ "CFB8KeySbox128", "fips_aesavs -f" ], - [ "CFB8KeySbox192", "fips_aesavs -f" ], - [ "CFB8KeySbox256", "fips_aesavs -f" ], - [ "CFB8MCT128", "fips_aesavs -f" ], - [ "CFB8MCT192", "fips_aesavs -f" ], - [ "CFB8MCT256", "fips_aesavs -f" ], - [ "CFB8MMT128", "fips_aesavs -f" ], - [ "CFB8MMT192", "fips_aesavs -f" ], - [ "CFB8MMT256", "fips_aesavs -f" ], - [ "CFB8VarKey128", "fips_aesavs -f" ], - [ "CFB8VarKey192", "fips_aesavs -f" ], - [ "CFB8VarKey256", "fips_aesavs -f" ], - [ "CFB8VarTxt128", "fips_aesavs -f" ], - [ "CFB8VarTxt192", "fips_aesavs -f" ], - [ "CFB8VarTxt256", "fips_aesavs -f" ], - - [ "ECBGFSbox128", "fips_aesavs -f" ], - [ "ECBGFSbox192", "fips_aesavs -f" ], - [ "ECBGFSbox256", "fips_aesavs -f" ], - [ "ECBKeySbox128", "fips_aesavs -f" ], - [ "ECBKeySbox192", "fips_aesavs -f" ], - [ "ECBKeySbox256", "fips_aesavs -f" ], - [ "ECBMCT128", "fips_aesavs -f" ], - [ "ECBMCT192", "fips_aesavs -f" ], - [ "ECBMCT256", "fips_aesavs -f" ], - [ "ECBMMT128", "fips_aesavs -f" ], - [ "ECBMMT192", "fips_aesavs -f" ], - [ "ECBMMT256", "fips_aesavs -f" ], - [ "ECBVarKey128", "fips_aesavs -f" ], - [ "ECBVarKey192", "fips_aesavs -f" ], - [ "ECBVarKey256", "fips_aesavs -f" ], - [ "ECBVarTxt128", "fips_aesavs -f" ], - [ "ECBVarTxt192", "fips_aesavs -f" ], - [ "ECBVarTxt256", "fips_aesavs -f" ], - [ "OFBGFSbox128", "fips_aesavs -f" ], - [ "OFBGFSbox192", "fips_aesavs -f" ], - [ "OFBGFSbox256", "fips_aesavs -f" ], - [ "OFBKeySbox128", "fips_aesavs -f" ], - [ "OFBKeySbox192", "fips_aesavs -f" ], - [ "OFBKeySbox256", "fips_aesavs -f" ], - [ "OFBMCT128", "fips_aesavs -f" ], - [ "OFBMCT192", "fips_aesavs -f" ], - [ "OFBMCT256", "fips_aesavs -f" ], - [ "OFBMMT128", "fips_aesavs -f" ], - [ "OFBMMT192", "fips_aesavs -f" ], - [ "OFBMMT256", "fips_aesavs -f" ], - [ "OFBVarKey128", "fips_aesavs -f" ], - [ "OFBVarKey192", "fips_aesavs -f" ], - [ "OFBVarKey256", "fips_aesavs -f" ], - [ "OFBVarTxt128", "fips_aesavs -f" ], - [ "OFBVarTxt192", "fips_aesavs -f" ], - [ "OFBVarTxt256", "fips_aesavs -f" ] - -); - -my @fips_aes_cfb1_test_list = ( - - # AES CFB1 tests - - [ "CFB1GFSbox128", "fips_aesavs -f" ], - [ "CFB1GFSbox192", "fips_aesavs -f" ], - [ "CFB1GFSbox256", "fips_aesavs -f" ], - [ "CFB1KeySbox128", "fips_aesavs -f" ], - [ "CFB1KeySbox192", "fips_aesavs -f" ], - [ "CFB1KeySbox256", "fips_aesavs -f" ], - [ "CFB1MCT128", "fips_aesavs -f" ], - [ "CFB1MCT192", "fips_aesavs -f" ], - [ "CFB1MCT256", "fips_aesavs -f" ], - [ "CFB1MMT128", "fips_aesavs -f" ], - [ "CFB1MMT192", "fips_aesavs -f" ], - [ "CFB1MMT256", "fips_aesavs -f" ], - [ "CFB1VarKey128", "fips_aesavs -f" ], - [ "CFB1VarKey192", "fips_aesavs -f" ], - [ "CFB1VarKey256", "fips_aesavs -f" ], - [ "CFB1VarTxt128", "fips_aesavs -f" ], - [ "CFB1VarTxt192", "fips_aesavs -f" ], - [ "CFB1VarTxt256", "fips_aesavs -f" ] - -); - -# Triple DES tests - -my @fips_des3_test_list = ( - - "Triple DES", - - [ "TCBCinvperm", "fips_desmovs -f" ], - [ "TCBCMMT1", "fips_desmovs -f" ], - [ "TCBCMMT2", "fips_desmovs -f" ], - [ "TCBCMMT3", "fips_desmovs -f" ], - [ "TCBCMonte1", "fips_desmovs -f" ], - [ "TCBCMonte2", "fips_desmovs -f" ], - [ "TCBCMonte3", "fips_desmovs -f" ], - [ "TCBCpermop", "fips_desmovs -f" ], - [ "TCBCsubtab", "fips_desmovs -f" ], - [ "TCBCvarkey", "fips_desmovs -f" ], - [ "TCBCvartext", "fips_desmovs -f" ], - [ "TCFB64invperm", "fips_desmovs -f" ], - [ "TCFB64MMT1", "fips_desmovs -f" ], - [ "TCFB64MMT2", "fips_desmovs -f" ], - [ "TCFB64MMT3", "fips_desmovs -f" ], - [ "TCFB64Monte1", "fips_desmovs -f" ], - [ "TCFB64Monte2", "fips_desmovs -f" ], - [ "TCFB64Monte3", "fips_desmovs -f" ], - [ "TCFB64permop", "fips_desmovs -f" ], - [ "TCFB64subtab", "fips_desmovs -f" ], - [ "TCFB64varkey", "fips_desmovs -f" ], - [ "TCFB64vartext", "fips_desmovs -f" ], - [ "TCFB8invperm", "fips_desmovs -f" ], - [ "TCFB8MMT1", "fips_desmovs -f" ], - [ "TCFB8MMT2", "fips_desmovs -f" ], - [ "TCFB8MMT3", "fips_desmovs -f" ], - [ "TCFB8Monte1", "fips_desmovs -f" ], - [ "TCFB8Monte2", "fips_desmovs -f" ], - [ "TCFB8Monte3", "fips_desmovs -f" ], - [ "TCFB8permop", "fips_desmovs -f" ], - [ "TCFB8subtab", "fips_desmovs -f" ], - [ "TCFB8varkey", "fips_desmovs -f" ], - [ "TCFB8vartext", "fips_desmovs -f" ], - [ "TECBinvperm", "fips_desmovs -f" ], - [ "TECBMMT1", "fips_desmovs -f" ], - [ "TECBMMT2", "fips_desmovs -f" ], - [ "TECBMMT3", "fips_desmovs -f" ], - [ "TECBMonte1", "fips_desmovs -f" ], - [ "TECBMonte2", "fips_desmovs -f" ], - [ "TECBMonte3", "fips_desmovs -f" ], - [ "TECBpermop", "fips_desmovs -f" ], - [ "TECBsubtab", "fips_desmovs -f" ], - [ "TECBvarkey", "fips_desmovs -f" ], - [ "TECBvartext", "fips_desmovs -f" ], - [ "TOFBinvperm", "fips_desmovs -f" ], - [ "TOFBMMT1", "fips_desmovs -f" ], - [ "TOFBMMT2", "fips_desmovs -f" ], - [ "TOFBMMT3", "fips_desmovs -f" ], - [ "TOFBMonte1", "fips_desmovs -f" ], - [ "TOFBMonte2", "fips_desmovs -f" ], - [ "TOFBMonte3", "fips_desmovs -f" ], - [ "TOFBpermop", "fips_desmovs -f" ], - [ "TOFBsubtab", "fips_desmovs -f" ], - [ "TOFBvarkey", "fips_desmovs -f" ], - [ "TOFBvartext", "fips_desmovs -f" ] - -); - -# Verification special cases. -# In most cases the output of a test is deterministic and -# it can be compared to a known good result. A few involve -# the genration and use of random keys and the output will -# be different each time. In thoses cases we perform special tests -# to simply check their consistency. For example signature generation -# output will be run through signature verification to see if all outputs -# show as valid. -# - -my %verify_special = ( - "PQGGen" => "fips_dssvs pqgver", - "KeyPair" => "fips_dssvs keyver", - "SigGen" => "fips_dssvs sigver", - "SigGen15" => "fips_rsavtest", - "SigGenRSA" => "fips_rsavtest -x931", - "SigGenPSS(0)" => "fips_rsavtest -saltlen 0", - "SigGenPSS(62)" => "fips_rsavtest -saltlen 62", -); - -my $win32 = $^O =~ m/mswin/i; -my $onedir = 0; -my $filter = ""; -my $tvdir; -my $tprefix; -my $shwrap_prefix; -my $debug = 0; -my $quiet = 0; -my $notest = 0; -my $verify = 1; -my $rspdir = "rsp"; -my $ignore_missing = 0; -my $ignore_bogus = 0; -my $bufout = ''; -my $list_tests = 0; - -my %fips_enabled = ( - dsa => 1, - rsa => 1, - "rsa-pss0" => 0, - "rsa-pss62" => 1, - sha => 1, - hmac => 1, - "rand-aes" => 1, - "rand-des2" => 0, - aes => 1, - "aes-cfb1" => 0, - des3 => 1 -); - -foreach (@ARGV) { - if ( $_ eq "--win32" ) { - $win32 = 1; - } - elsif ( $_ eq "--onedir" ) { - $onedir = 1; - } - elsif ( $_ eq "--debug" ) { - $debug = 1; - } - elsif ( $_ eq "--ignore-missing" ) { - $ignore_missing = 1; - } - elsif ( $_ eq "--ignore-bogus" ) { - $ignore_bogus = 1; - } - elsif ( $_ eq "--generate" ) { - $verify = 0; - } - elsif ( $_ eq "--notest" ) { - $notest = 1; - } - elsif ( $_ eq "--quiet" ) { - $quiet = 1; - } - elsif (/--dir=(.*)$/) { - $tvdir = $1; - } - elsif (/--rspdir=(.*)$/) { - $rspdir = $1; - } - elsif (/--tprefix=(.*)$/) { - $tprefix = $1; - } - elsif (/--shwrap_prefix=(.*)$/) { - $shwrap_prefix = $1; - } - elsif (/^--(enable|disable)-(.*)$/) { - if ( !exists $fips_enabled{$2} ) { - print STDERR "Unknown test $2\n"; - } - if ( $1 eq "enable" ) { - $fips_enabled{$2} = 1; - } - else { - $fips_enabled{$2} = 0; - } - } - elsif (/--filter=(.*)$/) { - $filter = $1; - } - elsif (/^--list-tests$/) { - $list_tests = 1; - } - else { - Help(); - exit(1); - } -} - -my @fips_test_list; - -push @fips_test_list, @fips_dsa_test_list if $fips_enabled{"dsa"}; -push @fips_test_list, @fips_rsa_test_list if $fips_enabled{"rsa"}; -push @fips_test_list, @fips_rsa_pss0_test_list if $fips_enabled{"rsa-pss0"}; -push @fips_test_list, @fips_rsa_pss62_test_list if $fips_enabled{"rsa-pss62"}; -push @fips_test_list, @fips_sha_test_list if $fips_enabled{"sha"}; -push @fips_test_list, @fips_hmac_test_list if $fips_enabled{"hmac"}; -push @fips_test_list, @fips_rand_aes_test_list if $fips_enabled{"rand-aes"}; -push @fips_test_list, @fips_rand_des2_test_list if $fips_enabled{"rand-des2"}; -push @fips_test_list, @fips_aes_test_list if $fips_enabled{"aes"}; -push @fips_test_list, @fips_aes_cfb1_test_list if $fips_enabled{"aes-cfb1"}; -push @fips_test_list, @fips_des3_test_list if $fips_enabled{"des3"}; - -if ($list_tests) { - my ( $test, $en ); - print "=====TEST LIST=====\n"; - foreach $test ( sort keys %fips_enabled ) { - $en = $fips_enabled{$test}; - $test =~ tr/[a-z]/[A-Z]/; - printf "%-10s %s\n", $test, $en ? "enabled" : "disabled"; - } - exit(0); -} - -foreach (@fips_test_list) { - next unless ref($_); - my $nm = $_->[0]; - $_->[2] = ""; - $_->[3] = ""; - print STDERR "Duplicate test $nm\n" if exists $fips_tests{$nm}; - $fips_tests{$nm} = $_; -} - -$tvdir = "." unless defined $tvdir; - -if ($win32) { - if ( !defined $tprefix ) { - if ($onedir) { - $tprefix = ".\\"; - } - else { - $tprefix = "..\\out32dll\\"; - } - } -} -else { - if ($onedir) { - $tprefix = "./" unless defined $tprefix; - $shwrap_prefix = "./" unless defined $shwrap_prefix; - } - else { - $tprefix = "../test/" unless defined $tprefix; - $shwrap_prefix = "../util/" unless defined $shwrap_prefix; - } -} - -sanity_check_exe( $win32, $tprefix, $shwrap_prefix ); - -my $cmd_prefix = $win32 ? "" : "${shwrap_prefix}shlib_wrap.sh "; - -find_files( $filter, $tvdir ); - -sanity_check_files(); - -my ( $runerr, $cmperr, $cmpok, $scheckrunerr, $scheckerr, $scheckok, $skipcnt ) - = ( 0, 0, 0, 0, 0, 0, 0 ); - -exit(0) if $notest; - -run_tests( $verify, $win32, $tprefix, $filter, $tvdir ); - -if ($verify) { - print "ALGORITHM TEST VERIFY SUMMARY REPORT:\n"; - print "Tests skipped due to missing files: $skipcnt\n"; - print "Algorithm test program execution failures: $runerr\n"; - print "Test comparisons successful: $cmpok\n"; - print "Test comparisons failed: $cmperr\n"; - print "Test sanity checks successful: $scheckok\n"; - print "Test sanity checks failed: $scheckerr\n"; - print "Sanity check program execution failures: $scheckrunerr\n"; - - if ( $runerr || $cmperr || $scheckrunerr || $scheckerr ) { - print "***TEST FAILURE***\n"; - } - else { - print "***ALL TESTS SUCCESSFUL***\n"; - } -} -else { - print "ALGORITHM TEST SUMMARY REPORT:\n"; - print "Tests skipped due to missing files: $skipcnt\n"; - print "Algorithm test program execution failures: $runerr\n"; - - if ($runerr) { - print "***TEST FAILURE***\n"; - } - else { - print "***ALL TESTS SUCCESSFUL***\n"; - } -} - -#-------------------------------- -sub Help { - ( my $cmd ) = ( $0 =~ m#([^/]+)$# ); - print <<EOF; -$cmd: generate run CMVP algorithm tests - --debug Enable debug output - --dir=<dirname> Optional root for *.req file search - --filter=<regexp> - --onedir <dirname> Assume all components in current directory - --rspdir=<dirname> Name of subdirectories containing *.rsp files, default "resp" - --shwrap_prefix=<prefix> - --tprefix=<prefix> - --ignore-bogus Ignore duplicate or bogus files - --ignore-missing Ignore missing test files - --quiet Shhh.... - --generate Generate algorithm test output - --win32 Win32 environment -EOF -} - -# Sanity check to see if all necessary executables exist - -sub sanity_check_exe { - my ( $win32, $tprefix, $shwrap_prefix ) = @_; - my %exe_list; - my $bad = 0; - $exe_list{ $shwrap_prefix . "shlib_wrap.sh" } = 1 unless $win32; - foreach (@fips_test_list) { - next unless ref($_); - my $cmd = $_->[1]; - $cmd =~ s/ .*$//; - $cmd = $tprefix . $cmd; - $cmd .= ".exe" if $win32; - $exe_list{$cmd} = 1; - } - - foreach ( sort keys %exe_list ) { - if ( !-f $_ ) { - print STDERR "ERROR: can't find executable $_\n"; - $bad = 1; - } - } - if ($bad) { - print STDERR "FATAL ERROR: executables missing\n"; - exit(1); - } - elsif ($debug) { - print STDERR "Executable sanity check passed OK\n"; - } -} - -# Search for all request and response files - -sub find_files { - my ( $filter, $dir ) = @_; - my ( $dirh, $testname ); - opendir( $dirh, $dir ); - while ( $_ = readdir($dirh) ) { - next if ( $_ eq "." || $_ eq ".." ); - $_ = "$dir/$_"; - if ( -f "$_" ) { - if (/\/([^\/]*)\.rsp$/) { - $testname = fix_pss( $1, $_ ); - if ( exists $fips_tests{$testname} ) { - if ( $fips_tests{$testname}->[3] eq "" ) { - $fips_tests{$testname}->[3] = $_; - } - else { - print STDERR -"WARNING: duplicate response file $_ for test $testname\n"; - $nbogus++; - } - } - else { - print STDERR "WARNING: bogus file $_\n"; - $nbogus++; - } - } - next unless /$filter.*\.req$/i; - if (/\/([^\/]*)\.req$/) { - $testname = fix_pss( $1, $_ ); - if ( exists $fips_tests{$testname} ) { - if ( $fips_tests{$testname}->[2] eq "" ) { - $fips_tests{$testname}->[2] = $_; - } - else { - print STDERR -"WARNING: duplicate request file $_ for test $testname\n"; - $nbogus++; - } - - } - elsif ( !/SHAmix\.req$/ ) { - print STDERR "WARNING: unrecognized filename $_\n"; - $nbogus++; - } - } - } - elsif ( -d "$_" ) { - find_files( $filter, $_ ); - } - } - closedir($dirh); -} - -sub fix_pss { - my ( $test, $path ) = @_; - my $sl = ""; - local $_; - if ( $test =~ /PSS/ ) { - open( IN, $path ) || die "Can't Open File $path"; - while (<IN>) { - if (/^\s*#\s*salt\s+len:\s+(\d+)\s*$/i) { - $sl = $1; - last; - } - } - close IN; - if ( $sl eq "" ) { - print STDERR "WARNING: No Salt length detected for file $path\n"; - } - else { - return $test . "($sl)"; - } - } - return $test; -} - -sub sanity_check_files { - my $bad = 0; - foreach (@fips_test_list) { - next unless ref($_); - my ( $tst, $cmd, $req, $resp ) = @$_; - - #print STDERR "FILES $tst, $cmd, $req, $resp\n"; - if ( $req eq "" ) { - print STDERR "WARNING: missing request file for $tst\n"; - $bad = 1; - next; - } - if ( $verify && $resp eq "" ) { - print STDERR "WARNING: no response file for test $tst\n"; - $bad = 1; - } - elsif ( !$verify && $resp ne "" ) { - print STDERR "WARNING: response file $resp will be overwritten\n"; - } - } - if ($bad) { - print STDERR "ERROR: test vector file set not complete\n"; - exit(1) unless $ignore_missing; - } - if ($nbogus) { - print STDERR - "ERROR: $nbogus bogus or duplicate request and response files\n"; - exit(1) unless $ignore_bogus; - } - if ( $debug && !$nbogus && !$bad ) { - print STDERR "test vector file set complete\n"; - } -} - -sub run_tests { - my ( $verify, $win32, $tprefix, $filter, $tvdir ) = @_; - my ( $tname, $tref ); - my $bad = 0; - foreach (@fips_test_list) { - if ( !ref($_) ) { - print "Running $_ tests\n" unless $quiet; - next; - } - my ( $tname, $tcmd, $req, $rsp ) = @$_; - my $out = $rsp; - if ($verify) { - $out =~ s/\.rsp$/.tst/; - } - if ( $req eq "" ) { - print STDERR - "WARNING: Request file for $tname missing: test skipped\n"; - $skipcnt++; - next; - } - if ( $verify && $rsp eq "" ) { - print STDERR - "WARNING: Response file for $tname missing: test skipped\n"; - $skipcnt++; - next; - } - elsif ( !$verify ) { - if ( $rsp ne "" ) { - print STDERR "WARNING: Response file for $tname deleted\n"; - unlink $rsp; - } - $out = $req; - $out =~ s|/req/(\S+)\.req|/$rspdir/$1.rsp|; - my $outdir = $out; - $outdir =~ s|/[^/]*$||; - if ( !-d $outdir ) { - print STDERR "DEBUG: Creating directory $outdir\n" if $debug; - mkdir($outdir) || die "Can't create directory $outdir"; - } - } - my $cmd = "$cmd_prefix$tprefix$tcmd "; - if ( $tcmd =~ /-f$/ ) { - $cmd .= "$req $out"; - } - else { - $cmd .= "<$req >$out"; - } - print STDERR "DEBUG: running test $tname\n" if ( $debug && !$verify ); - system($cmd); - if ( $? != 0 ) { - print STDERR - "WARNING: error executing test $tname for command: $cmd\n"; - $runerr++; - next; - } - if ($verify) { - if ( exists $verify_special{$tname} ) { - my $vout = $rsp; - $vout =~ s/\.rsp$/.ver/; - $tcmd = $verify_special{$tname}; - $cmd = "$cmd_prefix$tprefix$tcmd "; - $cmd .= "<$out >$vout"; - system($cmd); - if ( $? != 0 ) { - print STDERR - "WARNING: error executing verify test $tname $cmd\n"; - $scheckrunerr++; - next; - } - my ( $fcount, $pcount ) = ( 0, 0 ); - open VER, "$vout"; - while (<VER>) { - if (/^Result\s*=\s*(\S*)\s*$/i) - - { - if ( $1 eq "F" ) { - $fcount++; - } - else { - $pcount++; - } - } - } - close VER; - - unlink $vout; - if ( $fcount || $debug ) { - print STDERR "DEBUG: $tname, Pass=$pcount, Fail=$fcount\n"; - } - if ( $fcount || !$pcount ) { - $scheckerr++; - } - else { - $scheckok++; - } - - } - elsif ( !cmp_file( $tname, $rsp, $out ) ) { - $cmperr++; - } - else { - $cmpok++; - } - unlink $out; - } - } -} - -sub cmp_file { - my ( $tname, $rsp, $tst ) = @_; - my ( $rspf, $tstf ); - my ( $rspline, $tstline ); - if ( !open( $rspf, $rsp ) ) { - print STDERR "ERROR: can't open request file $rsp\n"; - return 0; - } - if ( !open( $tstf, $tst ) ) { - print STDERR "ERROR: can't open output file $tst\n"; - return 0; - } - for ( ; ; ) { - $rspline = next_line($rspf); - $tstline = next_line($tstf); - if ( !defined($rspline) && !defined($tstline) ) { - print STDERR "DEBUG: $tname file comparison OK\n" if $debug; - return 1; - } - if ( !defined($rspline) ) { - print STDERR "ERROR: $tname EOF on $rspf\n"; - return 0; - } - if ( !defined($tstline) ) { - print STDERR "ERROR: $tname EOF on $tstf\n"; - return 0; - } - - # Workaround for bug in RAND des2 test output */ - if ( $tstline =~ /^Key2 =/ && $rspline =~ /^Key1 =/ ) { - $rspline =~ s/^Key1/Key2/; - } - - if ( $tstline ne $rspline ) { - print STDERR "ERROR: $tname mismatch:\n"; - print STDERR "\t $tstline != $rspline\n"; - return 0; - } - } - return 1; -} - -sub next_line { - my ($in) = @_; - - while (<$in>) { - chomp; - - # Delete comments - s/#.*$//; - - # Ignore blank lines - next if (/^\s*$/); - - # Translate multiple space into one - s/\s+/ /g; - return $_; - } - return undef; -} |